A setup mistake has apparently left hundreds of thousands of home routers running the SSH (Secure Shell) remote access tool with identical private and public keys.
John Matherly, founder of Shodan, a specialized search engine company whose technology is used for querying Internet-connected devices, found more than 250,000 devices that appear to be deployed by Telefónica de España sharing the same public SSH key.
A different search found another 150,000 devices, mostly in China and Taiwan, that have the same problem.
Matherly said in a phone interview on Wednesday it is possible the manufacturers copied the same operating system image to all of the routers.
